Folks,
i wrote a char driver for my i2c device. It is working on Android 4.0.3 using Linux kernel 3.0.8.
When I try to access the driver using ioctl() with my native Android app. I get a permission denied error.
If I create the device file using the following command I don't get the permission error.
mknod /dev/barcodescan c 100 0
I don't want to have to manually issue this command all the time but instead that the module does it on startup. I wrote the following code but I get a permission denied error.
How can I setup permission in this code?
ret= register_chrdev(MAJOR_NUMBER,"barcode",&fops );
if(ret) {
pr_info(KERN_ERR "%s:register chrdev failed\n",__FILE__);
return ret;
}
i2c_dev_class = class_create(THIS_MODULE,"barcode");
if (IS_ERR(i2c_dev_class)) {
ret = PTR_ERR(i2c_dev_class);
class_destroy(i2c_dev_class);
}
I assume that you are building your own Android image.
In that case, you need to edit init.rc to add lines like this to make sure that your device node is automatically created at boot:
mknod /dev/barcodescan c 100 0
chown system system /dev/barcodescan
You may want to change system:system to some other account and/or add more permissions with chmod, for example using chmod 666, but this is not recommended.
Related
Recently I am working on upgrading my opensips version manually from 2.2 to 3.3.
Upgradation is done from my side but in old opensips(2.2) I was able to show registered user(SIP) using opensipsctl ul show command but in new version 3.3 opensipsctl is deprecated(I guess not sure).
So I am trying to get details using opensips-cli but I didn't find out correct command for show register and show dump list, I try to follow below link but did not find correct command.
https://www.opensips.org/Documentation/Interface-CoreMI-3-0
Also, my opensips-cli -x command not working giving the below error. (mi_fifo module loaded correctly)
# opensips-cli -o output_type=yaml -x mi uptime
ERROR: cannot access fifo file /tmp/opensips_fifo: [Errno 13] Permission denied: '/tmp/opensips_fifo'
ERROR: starting with Linux kernel 4.19, processes can no longer read from FIFO files
ERROR: that are saved in directories with sticky bits (such as /tmp)
ERROR: and are not owned by the same user the process runs with.
ERROR: To fix this, either store the file in a non-sticky bit directory (such as /var/run/opensips),
ERROR: or disable fifo file protection using 'sysctl fs.protected_fifos=0' (NOT RECOMMENDED)
/tmp/opensips_fifo file also created correctly.
# ls -l /tmp/opensips_fifo
prw-rw-rw- 1 opensips opensips 0 Dec 29 06:52 /tmp/opensips_fifo
Using opensips-cli command I am able to create database and add table but not able to perform -x command.
Can anyone help me to find out a command for show register and show dump list also any suggestion related -x command not working on opensips-cli.
I had a similar error and i found the following:
if you state in the opensips-cli.cfg file that the fifo_file is located at /tmp/opensips_fifo, it will produce this error, try changing this setting to /var/run/opensips/opensips_fifo
I have a simple python3 script running on ubuntu server 20.04 that tries to call clamd (clamav-daemon process) library to scan a file. The scan ping() and version() function all work correctly. However when I actually do a test write and scan, i get the following error:
{'/filedrop/test.doc': ('ERROR', "Can't open file or directory")}
This is the code that I used to call the test write and scan, and this is all standard sample from the clamd website:
open('/filedrop/test.doc','wb').write(clamd.EICAR)
print(cd.scan('/filedrop/test.doc'))
After the code is run, i get the following string in the test file which indicates that the python3 script was able to successfully write to the file, yet i keep getting the error that the file can't be opened when i use the clamd scan function.
This is the string that was written to the file:
X5O!P%#AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
I am also able to run clamscan from command line on the folder and it successfully scans the files as well.
I'm running as root user while the service is using clamav:clamav.
I did give read/write permission to the folder and the files to "other users", and also indicated by the fact that the file could be written by the python script.
I believe the solution to the problem here is that AppArmour is blocking clamd for that particular directory. I would look at the AppArmour profile for clamd. It should be called something like /etc/apparmor.d/clamav or similar. You can adjust that profile or alternatively disable it (according to Ubuntu):
sudo ln -s /etc/apparmor.d/profile.name /etc/apparmor.d/disable/
sudo apparmor_parser -R /etc/apparmor.d/profile.name
More complete instructions available here:
https://help.ubuntu.com/community/AppArmor
You can also disable AppArmour, for the purposes of testing (I don't like to advise anyone to remove security features permanently), with:
sudo systemctl stop apparmor
sudo systemctl disable apparmor
I'm trying to figure out how to run a XDP code:
#include <linux/bpf.h>
int main() {
return XDP_PASS;
}
I'm trying to have XDP drop all the packets.
So I compiled it as :
clang -target bpf -c xdp.c -o xdp.o
and my interface name is enp5s0.
So I tried to sort of attach the code to that interface by typing :
ip -force link set dev enp5s0 xdpdrv obj xdp.o sec .text
Then I get the following error :
mkdir /sys/fs/bpf/tc/ failed: Permission denied
Continuing without mounted eBPF fs. Too old kernel?
Prog section '.text' rejected: Operation not permitted (1)!
- Type: 6
- Instructions: 2 (0 over limit)
- License :
Verifier analysis:
Error fetching program/map!
and I have no idea what is wrong.. I'm trying to get a hold of XDP and I've been trying to fix this problem for three days but no result.... I would really appreciate it if you guys would help me out!
can you check kernel version . it should be above 4.8
Do you run ipas superuser? Can you try to run ip -force link set dev enp5s0 xdp obj xdp.o sec .text instead of ip -force link set dev enp5s0 xdpdrv obj xdp.o sec .text? The first use xdp in best effort mode. Maybe your device driver doesn't support XDP-driver.
Another tip: you can specify the section of code you want with SEC("name_section") and then you use name_section instead of .text
I want to run ifup eth0 and ifdown eth0 without sudo by using Linux capabilitiesFor the same issue I have written code for the same main.c
int main{
FILE ,*fp;
fp = popen("ifdown eth0","r");
if(fp==NULL)
{
printf("popen falied\n")
}
pclose(fp);
}
If I have set capabilities to binary like following :
sudo setcap -v cap_chown,cap_dac_override,cap_fowner,cap_dac_read_search,cap_net_admin+epi main
all the capabilities are set it is verified by using getcap command
getcap main
main = cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_net_admin+eip
If run above code I get following reply :
./main ifdown: failed to open lockfile /run/network/ifstate.eth0:
Permission denied
Can somebody help me on this?
Capabilities don't work the way you think they do. They are attached to an executable file, and are reset when you execute a new file.
Your executable might have the permissions it need to change interface status, but not to run an external program that does so, which is what popen does.
I don't like it either, but that's the way it is.
If you've already written a program for doing what you want, you might as well go ahead and set uid on it. That will work as expected.
Following this question, how do I launch instruments with iPhone simulator as a device.
I tried this:
$ instruments -t /Developer/Platforms/iPhoneOS.platform/Developer/Library/Instruments/PlugIns/AutomationInstrument.bundle/Contents/Resources/Automation.tracetemplate -w iphonesimulator5.0 MyApp.app
But I get this error:
Instruments Usage Error : Device failed to become ready for use.
-w <deviceID> is used only when you wish to specify a hardware device as the destination (the 'deviceID' here is the Identifier of the device, found in the Organizer of Xcode).
Instead of using -w, you can specify a flag during the build to force instruments to use iPhone. Details can be found here.
I was doing it as follows:
1.I created a template in which I was calling my UI Automation Main file that Triggers running all the scripts.
EX:
//Main.js file will run auto.js scripts
//auto.js is my main file in which I am running all the scripts
//Main.js file
#import "auto.js"
auto.run();
//Now open terminal and run the following command.
1. Go to the directory where you saved your template
2.Copy the location where you simulator (full path) is
Than run the command below:
instruments -t ./NameOfYourTemplate.tracetemplate /Users/swathyvalluri/Debug-iphonesimulator/MyApp.app
Note : Create a new file in the template and copy the contents into it what ever you want to put, otherwise it will look for Main.js file in your locally and will fail when running it on another server.
Please let me know if you need more help :)
Device id means here UDID of the device.
Also see the link below, it is very useful :
http://lemonjar.com/blog/?p=69